1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted linux 5.10.162-1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Wed Jan 25 20:50:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sat, 21 Jan 2023 15:35:48 +0100
    Source: linux
    Architecture: source
    Version: 5.10.162-1
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
    Changed-By: Salvatore Bonaccorso <carnil@debian.org>
    Closes: 825141 1008501 1027430 1027483
    Changes:
    linux (5.10.162-1) bullseye-security; urgency=high
    .
    * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.159
    - [armhf] dts: rockchip: fix node name for hym8563 rtc
    - [armhf] dts: rockchip: fix ir-receiver node names
    - [arm64] dts: rockchip: fix ir-receiver node names
    - [armel,armhf] 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
    - 9p/fd: Use P9_HDRSZ for header size
    - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
    - btrfs: send: avoid unaligned encoded writes when attempting to clone range
    - ASoC: soc-pcm: Add NULL check in BE reparenting
    - [armhf] regulator: twl6030: fix get status of twl6032 regulators
    - fbcon: Use kzalloc() in fbcon_prepare_logo()
    - [arm64,armhf] usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End
    Transfer
    - 9p/xen: check logical size for buffer size
    - net: usb: qmi_wwan: add u-blox 0x1342 composition
    - mm/khugepaged: take the right locks for page table retraction
    - mm/khugepaged: fix GUP-fast interaction by sending IPI
    - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
    - rtc: mc146818: Prevent reading garbage
    - rtc: mc146818: Detect and handle broken RTCs
    - rtc: mc146818: Dont test for bit 0-5 in Register D
    - rtc: cmos: remove stale REVISIT comments
    - rtc: mc146818-lib: change return values of mc146818_get_time()
    - rtc: Check return value from mc146818_get_time()
    - rtc: mc146818-lib: fix RTC presence check
    - rtc: mc146818-lib: extract mc146818_avoid_UIP
    - rtc: cmos: avoid UIP when writing alarm time
    - rtc: cmos: avoid UIP when reading alarm time
    - rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ
    - rtc: mc146818: Reduce spinlock section in mc146818_set_time()
    - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
    - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
    - memcg: fix possible use-after-free in memcg_write_event_control()
    - mm/gup: fix gup_pud_range() for dax
    - Bluetooth: btusb: Add debug message for CSR controllers
    - Bluetooth: Fix crash when replugging CSR fake controllers
    - [s390x] KVM: s390: vsie: Fix the initialization of the epoch extension
    (epdx) field
    - [x86] drm/vmwgfx: Don't use screen objects when SEV is active
    - drm/shmem-helper: Remove errant put in error path
    - drm/shmem-helper: Avoid vm_open error paths
    - HID: usbhid: Add ALWAYS_POLL quirk for some mice
    - HID: hid-lg4ff: Add check for empty lbuf
    - HID: core: fix shift-out-of-bounds in hid_report_raw_event
    - can: af_can: fix NULL pointer dereference in can_rcv_filter
    - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
    (CVE-2022-3623)
    - rtc: cmos: Disable irq around direct invocation of cmos_interrupt()
    - rtc: mc146818-lib: fix locking in mc146818_set_time
    - rtc: mc146818-lib: fix signedness bug in mc146818_get_time()
    - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
    first one
    - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
    - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
    mark
    - e1000e: Fix TX dispatch condition
    - igb: Allocate MSI-X vector when testing
    - [arm64,armhf] drm: bridge: dw_hdmi: fix preference of RGB modes over
    YUV420
    - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
    - [x86] vmxnet3: correctly report encapsulated LRO packet
    - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
    - Bluetooth: Fix not cleanup led when bt_init fails
    - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
    - xen-netfront: Fix NULL sring after live migration
    - [arm64,armhf] net: mvneta: Prevent out of bounds read in
    mvneta_config_rss()
    - i40e: Fix not setting default xps_cpus after reset
    - i40e: Fix for VF MAC address 0
    - i40e: Disallow ip4 and ip6 l4_4_bytes
    - nvme initialize core quirks before calling nvme_init_subsystem
    - net: stmmac: fix "snps,axi-config" node property parsing
    - ip_gre: do not report erspan version on GRE interface
    - [arm64] net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
    - [arm64] net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
    - [arm64] net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
    - tipc: Fix potential OOB in tipc_link_proto_rcv()
    - ipv4: Fix incorrect route flushing when source address is deleted
    - ipv4: Fix incorrect route flushing when table ID 0 is used
    - tipc: call tipc_lxc_xmit without holding node_read_lock
    - [x86] net: plip: don't call kfree_skb/dev_kfree_skb() under
    spin_lock_irq()
    - ipv6: avoid use-after-free in ip6_fragment()
    - [arm64,armhf] net: mvneta: Fix an out of bounds check
    - macsec: add missing attribute validation for offload
    - can: esd_usb: Allow REC and TEC to return to zero
    https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.160
    - [x86] smpboot: Move rcu_cpu_starting() earlier
    - vfs: fix copy_file_range() regression in cross-fs copies
    - vfs: fix copy_file_range() averts filesystem freeze protection
    - nfp: fix use-after-free in area_cache_get() (CVE-2022-3545)
    - fuse: always revalidate if exclusive create
    - io_uring: add missing item types for splice request (CVE-2022-4696)
    - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
    - can: mcba_usb: Fix termination command argument
    - [armel,armhf] ASoC: cs42l51: Correct PGA Volume minimum value
    - nvme-pci: clear the prp2 field when not used
    - ASoC: ops: Correct bounds check for second channel on SX controls
    https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.161
    - udf: Discard preallocation before extending file with a hole
    - udf: Fix preallocation discarding at indirect extent boundary
    - udf: Do not bother looking for prealloc extents if i_lenExtents matches
    i_size
    - udf: Fix extending file within last block
    - usb: gadget: uvc: Prevent buffer overflow in setup handler
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
    - USB: serial: f81232: fix division by zero on line-speed change
    - USB: serial: f81534: fix division by zero on line-speed change
    - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
    - igb: Initialize mailbox message for VF reset
    - HID: ite: Add support for Acer S1002 keyboard-dock
    - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
    - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
    - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
    - Bluetooth: L2CAP: Fix u8 overflow (CVE-2022-45934)
    - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
    https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.162
    - kernel: provide create_io_thread() helper
    - iov_iter: add helper to save iov_iter state
    - saner calling conventions for unlazy_child()
    - fs: add support for LOOKUP_CACHED
    - fix handling of nd->depth on LOOKUP_CACHED failures in try_to_unlazy*
    - Make sure nd->path.mnt and nd->path.dentry are always valid pointers
    - fs: expose LOOKUP_CACHED through openat2() RESOLVE_CACHED
    - tools headers UAPI: Sync openat2.h with the kernel sources
    - net: provide __sys_shutdown_sock() that takes a socket
    - net: add accept helper not installing fd
    - signal: Add task_sigpending() helper
    - fs: make do_renameat2() take struct filename
    - file: Rename __close_fd_get_file close_fd_get_file
    - fs: provide locked helper variant of close_fd_get_file()
    - entry: Add support for TIF_NOTIFY_SIGNAL
    - task_work: Use TIF_NOTIFY_SIGNAL if available
    - [x86] Wire up TIF_NOTIFY_SIGNAL
    - [arm64] add support for TIF_NOTIFY_SIGNAL
    - [powerpc*] add support for TIF_NOTIFY_SIGNAL
    - [mips*] add support for TIF_NOTIFY_SIGNAL
    - [s390x] add support for TIF_NOTIFY_SIGNAL
    - [armel,armhf] add support for TIF_NOTIFY_SIGNAL
    - task_work: remove legacy TWA_SIGNAL path
    - kernel: remove checking for TIF_NOTIFY_SIGNAL
    - coredump: Limit what can interrupt coredumps
    - kernel: allow fork with TIF_NOTIFY_SIGNAL pending
    - entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set
    - arch: setup PF_IO_WORKER threads like PF_KTHREAD
    - arch: ensure parisc/powerpc handle PF_IO_WORKER in copy_thread()
    - [x86] process: setup io_threads more like normal user space threads
    - kernel: stop masking signals in create_io_thread()
    - kernel: don't call do_exit() for PF_IO_WORKER threads
    - task_work: add helper for more targeted task_work canceling
    - io_uring: import 5.15-stable io_uring
    - signal: kill JOBCTL_TASK_WORK
    - task_work: unconditionally run task_work from get_signal()
    - net: remove cmsg restriction from io_uring based send/recvmsg calls
    - Revert "proc: don't allow async path resolution of /proc/thread-self
    components"
    - Revert "proc: don't allow async path resolution of /proc/self components"
    - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
    - eventfd: provide a eventfd_signal_mask() helper
    - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
    .
    [ Salvatore Bonaccorso ]
    * linux-kbuild: Include scripts/pahole-flags.sh (Closes: #1008501)
    * Bump ABI to 21
    * Refresh "Export symbols needed by Android drivers"
    * ASoC: Intel/SOF: use set_stream() instead of set_tdm_slots() for HDAudio
    (Closes: #1027430, #1027483)
    * ASoC/SoundWire: dai: expand 'stream' concept beyond SoundWire
    (Closes: #1027430, #1027483)
    * [rt] Update to 5.10.162-rt78
    * i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-2873)
    * [x86] drm/vmwgfx: Validate the box size for the snooped cursor
    (CVE-2022-36280)
    * media: dvb-core: Fix UAF due to refcount races at releasing (CVE-2022-41218)
    * net: sched: disallow noqueue for qdisc classes (CVE-2022-47929)
    * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
    (CVE-2023-0266)
    * net: sched: cbq: dont intepret cls results when asked to drop
    (CVE-2023-23454)
    * net: sched: atm: dont intepret cls results when asked to drop
    (CVE-2023-23455)
    * netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
    (CVE-2023-0179)
    * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
    (CVE-2023-0394)
    * [rt] arm64: make _TIF_WORK_MASK bits contiguous
    .
    [ Ben Hutchings ]
    * Disable SECURITY_LOCKDOWN_LSM and MODULE_SIG where we don't sign code
    (Closes: #825141)
    Checksums-Sha1:
    5ef6ef05ff952d90949632474fab0e6af8100caa 197238 linux_5.10.162-1.dsc
    3352d0bb3cc8a8177144374a9f8e1cf6e69631c9 121818544 linux_5.10.162.orig.tar.xz
    dfac62eae47d27331d0fc6ea4d9f0083fc8ff49d 1571940 linux_5.10.162-1.debian.tar.xz
    88e78d0bcdea427086d875b5a5a5d09fea0a8db5 6690 linux_5.10.162-1_source.buildinfo
    Checksums-Sha256:
    798be0e726f7340d60bd66caea38e4825c9307cb7ff714c1edae68e991623481 197238 linux_5.10.162-1.dsc
    23ce1f61a85438549cc84ddb81b036beb8b2670f18c6298ae7a658c429c19e90 121818544 linux_5.10.162.orig.tar.xz
    59fab7dc23a56c8a691d2e9bea683dfa37458e2d11eaca2bcd6f39230225438e 1571940 linux_5.10.162-1.debian.tar.xz
    b19a3d3f1c800ebf3b9b32f87c11d87b3a89c5043023b4b0a2610c5c80ba273b 6690 linux_5.10.162-1_source.buildinfo
    Files:
    15c6596246994d48db1559965276ac5e 197238 kernel optional linux_5.10.162-1.dsc
    a85401541f4ff7d41a3b283433cb790d 121818544 kernel optional linux_5.10.162.orig.tar.xz
    7bae1a68b75cae2b18001d14ef8183da 1571940 kernel optional linux_5.10.162-1.debian.tar.xz
    07f0a6c57028f0a5b4e1e1da0fbf74bd 6690 kernel optional linux_5.10.162-1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmPL+URfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E6J0P/jeZovyI+uk0m2QpUWVzD2FDMa7NwkXU 9t8qMLN7xlbufdWQxJzGgyPAXQ9LVQqBkO+zdcDumU30Mf09NAE+k9yYeiwNc3Jl TH1Ngn0Koq4KaBmfqkOi0SElBCk92vQcOtMWkFzTbtVHP2fKGCo/Zr7pYM8QqZ23 6u2pUD8ndE+vv77FXZMhbdxySl31k7mWdchR9RgVpCKDyGQbEjiKBx+BdSheehaQ dtkQn+wI1FlyBTsEEadF4bzgk3eDlezVF/iAMrjlbWd1UR5Mv78aHCnflcjGDgHY 8iaayMTz3NKlPoxO8bC4vySFJw5J7t6eGZU69NuJ0Ov2IgySwuUY2i4KBrD8N4fD z/PHlfHx2XFkU0xlwBhl4tS8Yrz3GKNUE/Kig2mbELSWingFhF1st1WuabSDcAcQ I9Y98XucprRRW1jOjV+ejg9F8XLrai53OA/4wc7lfazhqDg8op+QzdE+iJxmzNQ/ exD/x9KGEtCci+jvxcv/hPQVYbsXhPRojYedwRAuIQQSjyXjT/k32CqfSFHUyOYg bNOkUKQlYijpE3c9+3jTBg7W0XAk7W7mdQnR9eS7tM2JFrgSijDiFOrtiBLW2D/8 C93stWRn2P+hEtpG9l44HPzYoG8yx7G9JoxFzf9Lp3fqx3Nbacrj7d10G70XXvZH
    VRdVhxdTwvEW
    =mhgw
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)